Release date
Summary
Bugs fixes and improvements
Details
Improvements
-
Use Bulk Create for batch creation operations
-
Bulk data deletion
Bug fixes
-
Wrong name of dependency when copying multiple tickets
-
Lack of proper authorization/ID pin bruteforce/clientid IDOR/tablename enumeration leads to PII Data leak.
-
Priv escalation - Low privilege users can takeover administrators grant (and from any other users too)
-
Stored XSS in any Column ID at (any) Gantt main page
-
IDOR + STORED XSS in any column at gantt configuration page
-
Non-privileged users can overwrite other users' Gantts -- in Gantt creation function
-
Not possible to delete the values of 2 tickets or more consecutively in "single version"
-
"administrators" should have permission to create Gantt
-
Color setting rank was not saved
-
Cannot import MS Project file
-
No dependencies after importing MPP file
-
XSS Stored in Gantt Configuration through the name on Color Children bar
-
The WBS number changes immediately after selecting a template and creating a ticket
-
Planned date on Jira issue screen of the ticket created from the ticket line with the milestone does not appear as a value
-
The epic link is not created when copying the epic and its subordinate tickets.